diff --git a/2024/32xxx/CVE-2024-32888.json b/2024/32xxx/CVE-2024-32888.json index 89422dcccd9..c4fef0e3cce 100644 --- a/2024/32xxx/CVE-2024-32888.json +++ b/2024/32xxx/CVE-2024-32888.json @@ -1,17 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-32888", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provides database connectivity through the standard JDBC application program interfaces (APIs) available in the Java Platform, Enterprise Editions. Prior to version 2.1.0.28, SQL injection is possible when using the non-default connection property `preferQueryMode=simple` in combination with application code which has a vulnerable SQL that negates a parameter value. There is no vulnerability in the driver when using the default, extended query mode. Note that `preferQueryMode` is not a supported parameter in Redshift JDBC driver, and is inherited code from Postgres JDBC driver. Users who do not override default settings to utilize this unsupported query mode are not affected. This issue is patched in driver version 2.1.0.28. As a workaround, do not use the connection property `preferQueryMode=simple`. (NOTE: Those who do not explicitly specify a query mode use the default of extended query mode and are not affected by this issue.)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "aws", + "product": { + "product_data": [ + { + "product_name": "amazon-redshift-jdbc-driver", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 2.1.0.28" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/aws/amazon-redshift-jdbc-driver/security/advisories/GHSA-x3wm-hffr-chwm", + "refsource": "MISC", + "name": "https://github.com/aws/amazon-redshift-jdbc-driver/security/advisories/GHSA-x3wm-hffr-chwm" + }, + { + "url": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-24rp-q3w6-vc56", + "refsource": "MISC", + "name": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-24rp-q3w6-vc56" + }, + { + "url": "https://github.com/aws/amazon-redshift-jdbc-driver/commit/0d354a5f26ca23f7cac4e800e3b8734220230319", + "refsource": "MISC", + "name": "https://github.com/aws/amazon-redshift-jdbc-driver/commit/0d354a5f26ca23f7cac4e800e3b8734220230319" + }, + { + "url": "https://github.com/aws/amazon-redshift-jdbc-driver/commit/12a5e8ecfbb44c8154fc66041cca2e20ecd7b339", + "refsource": "MISC", + "name": "https://github.com/aws/amazon-redshift-jdbc-driver/commit/12a5e8ecfbb44c8154fc66041cca2e20ecd7b339" + }, + { + "url": "https://github.com/aws/amazon-redshift-jdbc-driver/commit/bc93694201a291493778ce5369a72befeca5ba7d", + "refsource": "MISC", + "name": "https://github.com/aws/amazon-redshift-jdbc-driver/commit/bc93694201a291493778ce5369a72befeca5ba7d" + } + ] + }, + "source": { + "advisory": "GHSA-x3wm-hffr-chwm", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/35xxx/CVE-2024-35108.json b/2024/35xxx/CVE-2024-35108.json index 57a3b8aaf9c..f0605c8a232 100644 --- a/2024/35xxx/CVE-2024-35108.json +++ b/2024/35xxx/CVE-2024-35108.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-35108", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-35108", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/homePro_deal.php?mudi=del&dataType=&dataTypeCN." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/FirstLIF/cms/blob/main/1.md", + "refsource": "MISC", + "name": "https://github.com/FirstLIF/cms/blob/main/1.md" } ] } diff --git a/2024/35xxx/CVE-2024-35109.json b/2024/35xxx/CVE-2024-35109.json index b6517bd6c52..0b0094a07c8 100644 --- a/2024/35xxx/CVE-2024-35109.json +++ b/2024/35xxx/CVE-2024-35109.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-35109", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-35109", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /homePro_deal.php?mudi=add&nohrefStr=close." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/FirstLIF/cms/blob/main/2.md", + "refsource": "MISC", + "name": "https://github.com/FirstLIF/cms/blob/main/2.md" } ] } diff --git a/2024/3xxx/CVE-2024-3189.json b/2024/3xxx/CVE-2024-3189.json index e361aee99d1..9001c31af51 100644 --- a/2024/3xxx/CVE-2024-3189.json +++ b/2024/3xxx/CVE-2024-3189.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3189", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Testimonial', 'Progress Bar', 'Lottie Animations', 'Row Layout', 'Google Maps', and 'Advanced Gallery' blocks in all versions up to, and including, 3.2.37 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "britner", + "product": { + "product_data": [ + { + "product_name": "Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Features", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.2.37" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/766b0bde-c555-40c1-b174-20045bd89c11?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/766b0bde-c555-40c1-b174-20045bd89c11?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3083616/kadence-blocks/trunk/includes/blocks/class-kadence-blocks-lottie-block.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/3083616/kadence-blocks/trunk/includes/blocks/class-kadence-blocks-lottie-block.php" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3076712%40kadence-blocks&new=3076712%40kadence-blocks&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3076712%40kadence-blocks&new=3076712%40kadence-blocks&sfp_email=&sfph_mail=" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3084683%40kadence-blocks&new=3084683%40kadence-blocks&sfp_email=&sfph_mail=#file2", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3084683%40kadence-blocks&new=3084683%40kadence-blocks&sfp_email=&sfph_mail=#file2" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Matthew Rollings" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/4xxx/CVE-2024-4208.json b/2024/4xxx/CVE-2024-4208.json index e8f6dc56fce..248563ef446 100644 --- a/2024/4xxx/CVE-2024-4208.json +++ b/2024/4xxx/CVE-2024-4208.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-4208", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the typer effect in the advanced heading widget in all versions up to, and including, 3.2.37 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "britner", + "product": { + "product_data": [ + { + "product_name": "Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Features", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.2.37" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7ea2bb8c-cc8b-49de-9c8e-2c8c0569f4ac?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7ea2bb8c-cc8b-49de-9c8e-2c8c0569f4ac?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3084683%40kadence-blocks&new=3084683%40kadence-blocks&sfp_email=&sfph_mail=#file2", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3084683%40kadence-blocks&new=3084683%40kadence-blocks&sfp_email=&sfph_mail=#file2" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Craig Smith" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/4xxx/CVE-2024-4893.json b/2024/4xxx/CVE-2024-4893.json new file mode 100644 index 00000000000..724b3d99d0f --- /dev/null +++ b/2024/4xxx/CVE-2024-4893.json @@ -0,0 +1,119 @@ +{ + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2024-4893", + "ASSIGNER": "cve@cert.org.tw", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables unauthorized access to read, modify, and delete database records, as well as execute system commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "DigiWin", + "product": { + "product_data": [ + { + "product_name": "EasyFlow .NET", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "3.x" + }, + { + "version_affected": "=", + "version_value": "5.x" + }, + { + "version_affected": "=", + "version_value": "6.1.x" + }, + { + "version_affected": "=", + "version_value": "6.6.x" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.twcert.org.tw/tw/cp-132-7800-843f1-1.html", + "refsource": "MISC", + "name": "https://www.twcert.org.tw/tw/cp-132-7800-843f1-1.html" + }, + { + "url": "https://www.twcert.org.tw/en/cp-139-7801-67d07-2.html", + "refsource": "MISC", + "name": "https://www.twcert.org.tw/en/cp-139-7801-67d07-2.html" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "advisory": "TVN-202405001", + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Contact the vendor to install the patch." + } + ], + "value": "Contact the vendor to install the patch." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ] + } +} \ No newline at end of file diff --git a/2024/4xxx/CVE-2024-4894.json b/2024/4xxx/CVE-2024-4894.json new file mode 100644 index 00000000000..0fcb5da4cfa --- /dev/null +++ b/2024/4xxx/CVE-2024-4894.json @@ -0,0 +1,108 @@ +{ + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2024-4894", + "ASSIGNER": "cve@cert.org.tw", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated remote attackers to modify the parameters and conduct Server-Side Request Forgery (SSRF) attacks. This vulnerability enables attackers to probe internal network information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-918 Server-Side Request Forgery (SSRF)", + "cweId": "CWE-918" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ITPison", + "product": { + "product_data": [ + { + "product_name": "OMICARD EDM", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "earlier", + "version_value": "6.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.twcert.org.tw/tw/cp-132-7802-18f3c-1.html", + "refsource": "MISC", + "name": "https://www.twcert.org.tw/tw/cp-132-7802-18f3c-1.html" + }, + { + "url": "https://www.twcert.org.tw/en/cp-139-7803-c0f73-2.html", + "refsource": "MISC", + "name": "https://www.twcert.org.tw/en/cp-139-7803-c0f73-2.html" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "advisory": "TVN-202405002", + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Software update is unable to patch the vulnerability, please disable the affected website(Relay). For further instructions, please contact the vendor to obtain the security documentation." + } + ], + "value": "Software update is unable to patch the vulnerability, please disable the affected website(Relay). For further instructions, please contact the vendor to obtain the security documentation." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" + } + ] + } +} \ No newline at end of file